Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Critical Cisco Secure Access Control System (ACS) Vulnerability

Researchers at Positive Technologies discovered a serious flaw (CVE-2018-0253) in Cisco’s Secure Access Control System (ACS). System administrators use Cisco ACS to authenticate users across the network. The vulnerability allows external access to the Cisco ACS web interface, thereby allowing attackers to possibly gain unrestricted access to the internal network.

Analysis

An attacker who successfully exploits the ACS Report component of Cisco ACS could execute arbitrary commands on the affected system, which would be processed at the targeted user's privilege level.

The Cisco vulnerability received a CVSS v3.0 score of 9.8 out of 10, indicating a "critical" degree of severity. According to Cisco, “The vulnerability is due to insufficient validation of the Action Message Format (AMF) protocol. An attacker could exploit this vulnerability by sending a crafted AMF message that contains malicious code to a targeted user. A successful exploit could allow the attacker to execute arbitrary commands on the ACS device.”

If Active Directory is integrated with Cisco ACS, an attacker could possibly steal the credentials of the domain administrator.

Solution

This vulnerability affects all releases of Cisco Secure ACS prior to Release 5.8 Patch 7.

Cisco has released software updates that address this vulnerability, and they are available for download.

Tenable® has released a Nessus® plugin to help our customers determine their Cyber Exposure gap.

Plugin ID

Description

110399

Cisco Secure Access Control (cisco-sa-20180502-acs1)

Additional Information

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io Vulnerability Management

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.